Follow

How to Configure SSL for Zenoss Analytics Server (5.0.x) to Prevent Browser Untrusted Connections

Applies To

  • Zenoss Analytics 5.0.x

Summary

Depending on browser security settings, users connecting to an Analytics instance may encounter warning messages stating the site's identity cannot be verified. These errors are generated by some browsers when a web server presents a self-signed certificate to the browser establishing an SSL connection. This KB describes how to configure Zenoss Analytics 5.0.x to use a digitally signed certificate after such a certificate is procured by the Zenoss Analytics administrator.

Procedure

Perform the following to enable/configure the Zenoss Analytics host for SSL:

  1. Procure a new certificate for the Zenoss Analytics hostname.
  2. Copy the new certificate to the Zenoss Analytics host.
  3. Edit the /etc/httpd/conf.d/ssl.conf file, for example:

    $ vi /etc/httpd/conf.d/ssl.conf

  4. Search for and change the following lines in the file to add your path information.
    Note: If the lines do not exist, append them to the bottom of the file.
    SSLCertificateFile /etc/pki/tls/certs/localhost.crt
    SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
    
  5. Save the file and exit the editor.
  6. Restart httpd. For example:

    sudo service httpd restart

NOTE: If your end users access the user interface via a reverse proxy, the reverse proxy may provide the browser with its own SSL certificate. In that case, please contact Zenoss Support for additional assistance.

If the steps in this procedure do not solve the issue, please contact Zenoss Support.

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk